Baltimore – Baltimore County Public Schools (BCPS) reopened on Wednesday after being forced to close for three days due to a ransomware attack.
On November 28, the district, which is mostly conducting virtual classes due to the pandemic, announced that its schools would be closed Monday and Tuesday. The ransomware attack occurred two days before Thanksgiving, and BCPS officials described it as a “catastrophic attack on our technology system,” reports the Baltimore Sun.
During the shutdown, which affected all of its nearly 115,000 students, the district revised its platform. Additionally, students and staff with BCPS HP devices were required to check for ransomware. Devices will be replaced with Chromebooks.
Critics say multiple red flags preceded the attack. In May 2019, BCPS officials were warned that their networks were vulnerable, reports the Baltimore Brew. The technology journal Ars Technica used BCPS as a prime example of the vulnerabilities school district computer networks face. One expert told The Brew at that time that major parts of the district’s network were not properly configured or protected.
In response, the district applied a system patch that The Brew reported was the bare minimum needed to prevent an attack.
Additionally, on the day of the ransomware attack, a report by Maryland’s Office of Legislative Audits was released and found that significant risks existed within BCPS’ computer network:
For example, monitoring of security activities over critical systems was not sufficient and its computer network was not properly secured. In this regard, publicly accessible servers were located in the BCPS internal network rather than being isolated in a separate protected network zone to minimize security risks.
Although the report was released on the day of the attack, The Brew opines BCPS probably knew about the vulnerabilities last spring.
Across the board, organizations are reporting a huge increase in phishing attempts, email-based malware attacks, email compromise, ransomware and more. Schools are particularly vulnerable, especially districts that are conducting virtual classes during the COVID-19 pandemic.
Online learning means school districts have experienced a proliferation of devices interacting on their networks, stretching existing security measures thin. Furthermore, home networks tend to be less secure and less frequently maintained than school networks.
Overall, the average cost of a data breach is $3.86 million each.
Hackers have taken note.